One of our clients got contacted from one of their clients notifying them that their (our client's) current SPF records are "not setup to get through most antispam filters"
In detail they say that "Currently your SPF record states that for SPF check if it’s listed in the A records to pass and anything else is a soft fail (will be delivered but flagged as spam and will probably get stuck without a rule to always allow through and you shouldn’t allow anyone to send email on your behalf so you should hard fail those). Anyway your current email shows this in our spam filter.
Received-SPF: SoftFail (exch2k10.***.*****.com: domain of transitioning **username**@OurClientsDomain.com discourages use of **external IP used for Exchange Server** as permitted sender)"
I censored out the sensitive stuff.
So... where about do I go about changing this? And what do I change it to? I haven't had to mess with SPF records before. MONTHS ago we migrated them from a ratty old Exchange 2007 server to a new 2013 one. So either this was some poor SPF setting that already existed before, it's some kind of default, or I missed something during the migration/setup. I've done extensive testing and never had an issue telling me it was blocked as spam. Running SPF tests/checks online I'm not shown any warnings either. It's not configured wrong... just... not the best way I suppose.
Any help would be great. We're a tiny MSP.
In detail they say that "Currently your SPF record states that for SPF check if it’s listed in the A records to pass and anything else is a soft fail (will be delivered but flagged as spam and will probably get stuck without a rule to always allow through and you shouldn’t allow anyone to send email on your behalf so you should hard fail those). Anyway your current email shows this in our spam filter.
Received-SPF: SoftFail (exch2k10.***.*****.com: domain of transitioning **username**@OurClientsDomain.com discourages use of **external IP used for Exchange Server** as permitted sender)"
I censored out the sensitive stuff.
So... where about do I go about changing this? And what do I change it to? I haven't had to mess with SPF records before. MONTHS ago we migrated them from a ratty old Exchange 2007 server to a new 2013 one. So either this was some poor SPF setting that already existed before, it's some kind of default, or I missed something during the migration/setup. I've done extensive testing and never had an issue telling me it was blocked as spam. Running SPF tests/checks online I'm not shown any warnings either. It's not configured wrong... just... not the best way I suppose.
Any help would be great. We're a tiny MSP.